Alerts This Week
Warning Icon 1 764
Alerts This Week
Warning Icon 1 764

SUSE: 2022:3135-1 Moderate DoS Risk in 389-ds Container Update

suse
Calendar Grey November 25, 2022
Dist Suse Esm H88
The latest SUSE 389-ds security update addresses critical vulnerabilities endangering system integrity and user data, with patches available for immediate application.
The container suse/389-ds was updated

Summary

Advisory ID: SUSE-RU-2022:4212-1 Released: Thu Nov 24 15:53:48 2022 Summary: Recommended update for openssl-1_1 Type: recommended Severity: moderate Advisory ID: SUSE-SU-2022:4214-1 Released: Thu Nov 24 16:17:31 2022 Summary: Security update for libdb-4_8 Type: security Severity: low

Topics%20covered

Topics Covered

security advisory security update doS suse openssl 389-ds

References

References : 1174414 1190651 CVE-2019-2708

1190651

This update for openssl-1_1 fixes the following issues:

- FIPS: Mark PBKDF2 with key shorter than 112 bits as non-approved (bsc#1190651)

- FIPS: Consider RSA siggen/sigver with PKCS1 padding also approved (bsc#1190651)

- FIPS: Return the correct indicator for a given EC group order bits (bsc#1190651)

1174414,CVE-2019-2708

This update for libdb-4_8 fixes the following issues:

- CVE-2019-2708: Fixed partial DoS due to data store execution (bsc#1174414).

The following package changes have been done:

- libopenssl1_1-1.1.1l-150400.7.16.1 updated

- libopenssl1_1-hmac-1.1.1l-150400.7.16.1 updated

- openssl-1_1-1.1.1l-150400.7.16.1 updated

- libdb-4_8-4.8.30-150000.7.6.1 updated

- db48-utils-4.8.30-150000.7.6.1 updated

Container Advisory ID : SUSE-CU-2022:3135-1
Container Tags : suse/389-ds:2.0 , suse/389-ds:2.0-17.55 , suse/389-ds:latest
Container Release : 17.55
Severity : moderate
Type : security

Topics%20covered

Topics Covered

security advisory security update doS suse openssl 389-ds

Get the latest News and Insights

Get the latest Linux and open source security news straight to your inbox.

Your message here